Networking

I have been working on getting an Cisco ACI implementation up and running. In doing so, I noticed that there were some lingering faults showing up in the APIC dashboard. One of these faults was “Physical Interface eth1/2 on Node 1 is now down”. This fault is caused by eth1/2 being set to admin up by default and the port not being used.

There is currently no way to correct this issue in the GUI. However there is an enhancement coming in a future version of the APIC software, CSCuv63617. The issue can be corrected via the CLI. You will need to log into each APIC controller and run the following commands:

I recently upgraded my lab firewall from the aging Cisco ASA 5505 to the brand new Cisco ASA 5506W-X. Since this device is so new, there is no information available yet about resolving any of the “gotchas” so I thought I would share a a couple of them.

Coming from a Cisco background this was a little bit of a change. I am now using Dell Force10 switches and I have been trying to figure out how to get LLDP to advertise the management IP to its neighbors like CDP does. CDP does this by default and there is non-default configuration that must be done in order to get LLDP to do it. With LLDP you must add LLDP configuration to each neighbor facing interface. Below is an example of what that configuration would look like:

The next part of the NSX deployment is to get the NSX Manager registered with vCenter. The first thing to do for this is to browse to the NSX Manager IP that you chose during the OVF deployment. You will be presented with a login screen as seen below.

VMware NSX for vSphere was announced at VMworld 2013. The surprising thing is there is not a lot of information available on how to install and configure it. So I set off on this venture and I thought I would share the information. NSX for vSphere is a combination of technologies from the traditional vCloud Network & Security (vCNS) as well as technologies from the Nicera acquisition. The underlying overlay protocol that NSX for vSphere uses is VXLAN, but it takes VXLAN to the next level by allowing unicast VXLAN and eliminates the requirement for multicast routing.

I will have a four post series on the steps from A to Z on how to install and configure NSX for vSphere. This first post will focus on how to install the NSX Manager. The NSX Manager is the API interface to the NSX Control Cluster. The NSX Manager comes in the form of an OVA template.

We all know that VMware NSX brings L2–L4 network services up into the logical space, things like Layer 2 switching, distributed layer 3 routing, and distributed firewalling can all now be processed within the hypervisor.

Yeah so? That is so 2013.

What is 2014 going to bring?

What else did NSX enable that is not as broadly spoken about? Network visibility for the hypervisor.

Once you have lifted your network up into the logical space (software) you then have end to end visibility into the logical traffic flows. When DRS is given insight into these flows it can then be able to use that information (in addition to traditional compute level information) to more intelligently place VM’s in the environment. Enter Network DRS. A very simplistic scenario of this would be if you have 2 VM’s that are on separate hosts and those VM’s are generating a significant amount of traffic between each other. Since DRS would now have insight into the logical network traffic flows it would detect this and migrate one of the VM’s onto the same host as the other. Now, instead of having the network traffic go out onto the physical wire, it would be moving between the two VM’s at bus speed.

This is just one very brief example of the exciting things that NSX enables. VMware very briefly mentioned this as a technology preview at VMworld 2013. I, for one, am very excited to see what progress has been made to bring this to a generally available reality.